제출 #480306: CampCodes School Management Software 1 Cross Site Scripting정보

제목CampCodes School Management Software 1 Cross Site Scripting
설명Cross-Site Scripting (XSS) vulnerability exists in "ID Card Title" form field of "/create-id-card" page. The payload gets executed and rendered on entering it in the "ID Card Title" form field dynamically. We can enter any javascript or html payload to get it executed in the application, we can even use document.cookie to steal the session cookie. Cross-Site Scripting (XSS) vulnerabilities can pose significant risks to organizations by enabling attackers to exploit vulnerabilities in web applications. These risks span security, business operations, and customer trust. Payload: <img src=x onerror=alert(1)> <img src=x onerror=alert(document.cookie)>
원천⚠️ https://github.com/KhukuriRimal/Vulnerabilities/blob/main/CampCodes%20-%20School%20Management%20Software%20-%20Cross%20Site%20Scripting.pdf
사용자
 khukuririmal (UID 80171)
제출2025. 01. 13. PM 06:48 (1 년도 ago)
모더레이션2025. 01. 17. PM 09:49 (4 days later)
상태수락
VulDB 항목292493 [Campcodes School Management Software 1.0 Create Id Card Page /create-id-card ID Card Title 크로스 사이트 스크립팅]
포인트들20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!